PaulSpoerry.com

Social Media, technology, and geeky stuff for your brain.


Hide your mac! bootkit for OS X can permanently backdoor Macs

January 8, 2015 by Paul Spoerry 32 Comments


It's dubbed Thunderstrike because it spreads through maliciously modified peripheral devices that connect to a Mac's Thunderbolt interface. When plugged into a Mac that's in the process of booting up, the device injects what's known as an Option ROM into the extensible firmware interface (EFI), the firmware responsible for starting a Mac's system management mode and enabling other low-level functions before loading the OS. The Option ROM replaces the RSA encryption key Macs use to ensure only authorized firmware is installed. From there, the Thunderbolt device can install malicious firmware that can't easily be removed by anyone who doesn't have the new key.
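The part of that description that matters for defenders is the last step: a signature check is only as strong as the place the trusted key is kept. The following is an added example written for this post (not code from Apple, Ars Technica, or the Thunderstrike research) that models the two designs side by side. A Lamport one-time signature stands in for the RSA key so the script needs only the Python standard library; `Flash`, `install_mutable_key`, `install_rom_key` and the image bytes are constructed stand-ins, not real EFI structures. Policy A reads the trusted key from the same rewritable flash an early-boot Option ROM can modify; Policy B pins it in an immutable ROM, the role a hardware root of trust plays.

```python
import hashlib
import secrets
from dataclasses import dataclass


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signatures: a hash-only stand-in for the vendor's RSA key.
# Private key: 256 pairs of random 32-byte preimages; public key: their hashes.
# Each private key must sign exactly one message (hence "one-time").
def keygen():
    priv = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pub = [(_h(a), _h(b)) for a, b in priv]
    return priv, pub


def sign(priv, message: bytes):
    digest = int.from_bytes(_h(message), "big")
    # For bit i of the message digest, reveal preimage 0 or 1 of pair i.
    return [priv[i][(digest >> (255 - i)) & 1] for i in range(256)]


def verify(pub, message: bytes, sig) -> bool:
    if len(sig) != 256:
        return False
    digest = int.from_bytes(_h(message), "big")
    return all(_h(sig[i]) == pub[i][(digest >> (255 - i)) & 1] for i in range(256))


# --- Two update-authorization policies over a constructed flash model.
@dataclass
class Flash:
    """Rewritable firmware storage (constructed). In the scenario the post
    describes, code running before the OS can overwrite any field, key included."""
    trusted_pubkey: list
    image: bytes = b""


def install_mutable_key(flash: Flash, image: bytes, sig) -> bool:
    """Policy A: the authorizing key is read from rewritable flash."""
    if not verify(flash.trusted_pubkey, image, sig):
        return False
    flash.image = image
    return True


def install_rom_key(rom_pubkey, flash: Flash, image: bytes, sig) -> bool:
    """Policy B: the authorizing key is pinned in immutable ROM; writes to
    flash never change which key is trusted."""
    if not verify(rom_pubkey, image, sig):
        return False
    flash.image = image
    return True


def scenario() -> dict:
    vendor_priv, vendor_pub = keygen()
    rogue_priv, rogue_pub = keygen()      # key held by whoever controls the peripheral
    rom_pubkey = list(vendor_pub)         # fixed at manufacture, never rewritten
    flash_a = Flash(trusted_pubkey=list(vendor_pub))
    flash_b = Flash(trusted_pubkey=list(vendor_pub))

    genuine = b"constructed sample: vendor EFI image v1"
    rogue = b"constructed sample: firmware from an untrusted source"
    results = {}

    # 1. A vendor-signed update is accepted under both policies.
    sig = sign(vendor_priv, genuine)
    results["genuine_mutable"] = install_mutable_key(flash_a, genuine, sig)
    results["genuine_rom"] = install_rom_key(rom_pubkey, flash_b, genuine, sig)

    # 2. An image signed by a non-vendor key is rejected under both policies
    #    while the trusted key on record is still the vendor's.
    rogue_sig = sign(rogue_priv, rogue)
    results["rogue_before_swap_mutable"] = install_mutable_key(flash_a, rogue, rogue_sig)
    results["rogue_before_swap_rom"] = install_rom_key(rom_pubkey, flash_b, rogue, rogue_sig)

    # 3. The trusted-key field in flash is overwritten (the step the post describes).
    #    Policy A now accepts the rogue image; Policy B still refuses it.
    flash_a.trusted_pubkey = list(rogue_pub)
    flash_b.trusted_pubkey = list(rogue_pub)
    results["rogue_after_swap_mutable"] = install_mutable_key(flash_a, rogue, rogue_sig)
    results["rogue_after_swap_rom"] = install_rom_key(rom_pubkey, flash_b, rogue, rogue_sig)
    results["flash_a_image_is_rogue"] = flash_a.image == rogue
    results["flash_b_image_is_rogue"] = flash_b.image == rogue
    return results


if __name__ == "__main__":
    for name, outcome in scenario().items():
        print(f"{name}: {outcome}")
```

The check itself is identical in both policies; the only difference is whether the attacker's write path reaches the key the check trusts. That is why the fix for this class of problem is an anchor the early-boot code cannot rewrite, plus a way to detect (measure and attest) firmware that was written after the key changed, rather than a stronger signature algorithm.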

moar here: http://arstechnica.com/security/2015/01/worlds-first-known-bootkit-for-os-x-can-permanently-backdoor-macs/


Filed Under: Google+ Posts Tagged With: apple, mac, security, Thunderstrike

About Paul Spoerry

I’m a groovy cat who’s into technology, Eastern Thought, and house music. I’m a proud and dedicated father to the coolest little guy on the planet (seriously, I'm NOT biased). I’m fascinated by ninjas, the Internet, and anybody who can balance objects on their nose for long periods of time.

I have a utility belt full of programming languages and a database of all my knowledge on databases... I practice code fu. Oh, I've also done actual Kung Fu, and have a black belt in Tae Kwon Do.

I run. I meditate. I dance. I blog at PaulSpoerry.com, tweet @PaulSpoerry, and I'm here on Google+.

I currently work for IBM developing web-enabled insurance applications, and I support and develop a non-profit called The LittleBigFund.

Comments

  1. Scott Wilson says

    January 8, 2015 at 4:21 pm

    So you could use this method to de-apple the bootloader and make your hardware yours again. You could install whatever OS you wanted on your hardware.

  2. Oliver Sten says

    January 8, 2015 at 4:41 pm

    +Scott Wilson​ sounds like you probably could 🙂

  3. Scott Wilson says

    January 8, 2015 at 4:43 pm

    +Oliver Sten I could have about a year ago. I burned out on Apple's weird hardware issues, and horrible customer service skills. I got sick of fighting them to honor their warranties. I don't like this new Apple.

  4. Oliver Sten says

    January 8, 2015 at 4:45 pm

    +Scott Wilson​ ,
    I hate the fact that they now solder memory and hard drives onto their laptops' motherboards, the final step to remove customisation from the end user.

  5. Scott Wilson says

    January 8, 2015 at 4:47 pm

    +Oliver Sten The pile of glue they use now irks me to no end. Because fasteners are so expensive. I pay more for hardware now, but I get a much higher quality product than Apple makes.

  6. Ryan Heyworth says

    January 8, 2015 at 5:35 pm

    Which brand of hardware are you referring to? +Scott Wilson

  7. Chris G. Sellers says

    January 8, 2015 at 7:46 pm

    Why it is important to know your manufacturer. Tis also why Apple is so strict on compatibility.

  8. Scott Wilson says

    January 8, 2015 at 8:09 pm

    +Ryan Heyworth Lately Lenovo. I'm a huge fan of their carbon fiber ultrabooks. No need for a case. Best keyboards money can buy. Tough as hell. Amazing looking. Side benefit: full Linux support. Everything works. Good battery life. Yes, it's going to cost you a lot over a similarly spec'd macbook air (about 800 more) but it's a much better laptop.

  9. Darth Kakeeway says

    January 8, 2015 at 8:25 pm

    Tell me something I don't already know.

  10. Shan L says

    January 8, 2015 at 9:10 pm

    Need this for Apple store lol

  11. Mike Picard says

    January 8, 2015 at 9:48 pm

    Dude, everyone knows macs CAN'T Get viruses or malware.

  12. Akira Tamashiro says

    January 8, 2015 at 10:11 pm

    Yeeaahhh, about that…

  13. Alex Musick says

    January 8, 2015 at 10:15 pm

    You gotta admit, this is genius. Not moral or ethical, but absolutely genius.

  14. Andrew Buckeridge says

    January 8, 2015 at 11:16 pm

    EFI is just wrong.

  15. Edward Kent says

    January 9, 2015 at 12:09 am

    Similar exploit out for MSWindows.

  16. Shan L says

    January 9, 2015 at 2:55 am

    +Mike Picard back in 2009 ya

  17. Aleksandar Nikoloski says

    January 9, 2015 at 3:19 am

    apple sux nokia wins
    http://www.gsmarena.com/nokia_sells_20000_n1_tablets_in_china_in_4_minutes-news-10695.php

  18. K.B. Burnfield says

    January 9, 2015 at 4:52 am

    If I have physical access to ANY computer I could hack it and leave a backdoor.

    Mac, PC or Linux box.

    If you have physical access to a computer there's 5000 things you can do. This isn't an apple issue, it's a physical access to an electronic device issue.

  19. Scott Wilson says

    January 9, 2015 at 7:08 am

    +K.B. Burnfield​ unless it's a Chromebook (for now) but yeah.

  20. Alex Musick says

    January 9, 2015 at 8:23 am

    +Scott Wilson But like half the chromebook users out there have dev mode on anyway so they can actually do more than browse the internet.

  21. Scott Wilson says

    January 9, 2015 at 9:05 am

    +Alex Musick Half? Could you cite a source please?

  22. Alex Musick says

    January 9, 2015 at 9:46 am

    +Scott Wilson I don't have any statistics personally, I exaggerated. I mean that a lot of them do.

  23. K.B. Burnfield says

    January 9, 2015 at 10:29 am

    But rebooting a Chromebook into Dev mode is easy as pie whether the owner had it on or not.

    Turn it on, do your thing, turn it off.

  24. Scott Wilson says

    January 9, 2015 at 10:38 am

    +K.B. Burnfield and you won't get any of their data because it will be gone. That's the point. Chrome OS, for the moment, is immune to these types of attacks because of the aggressive boot security.

  25. Moctar Fofana says

    January 9, 2015 at 3:28 pm

    The only way this would be viable is for them to infiltrate a peripheral manufacturing company and infect a production line with the exploit which then ends up being purchased in a store somewhere. The other option of gaining physical access to the targeted computer increases the risk of being caught and receiving the ass kicking of a life time, exponentially.

  26. Paul Spoerry says

    January 9, 2015 at 3:31 pm

    Nobody's ever done that… er… well, aside from the NSA exploiting routers and all that while in transit.

  27. Jeroen Mathon says

    January 9, 2015 at 4:21 pm

    Glad I am on Linux.
    Feel like a god with the control I have over my system.

  28. Andrew Buckeridge says

    January 9, 2015 at 6:01 pm

    I'm glad I run Debian GNU/Linux with LILO under BIOS and never let any one else use my computer. GRUB gets confused and thinks it's been booted with EFI.

    It's a Mac with Snow Leopard and rEFIt so I never let anyone else use it. It does not have Thunderbolt, but old mini DP. Any DMA channel like FireWire could do similar, but I have USB dongles.

    rEFIt and parts of BOOTCAMP provide BIOS required to set up WinVidia dismay for GNU/Linux. Can't boot MBP with ELILO unless you disable WinVidia dismay. Needs a (USB) serial port up at boot time.

  29. Alex Musick says

    January 9, 2015 at 6:45 pm

    Are we just gonna brag about how good our setup is? I just have a (somewhat) standard setup and accept it's never in a vulnerable position.

  30. Scott Wilson says

    January 9, 2015 at 6:48 pm

    I'm typing on a Chromebook Pixel. Done. Nothing to really change lol.

  31. Edward J says

    January 11, 2015 at 7:40 am

    This happened to me while in Asia. I decided to distrust Apple's dev key for a variety of reasons and then was able to find 10gb of language files ( mostly Chinese) that were not there an hour prior when I checked. I then deleted them all and securely erased the trash which took 18 hours and my Mac never turned on after that and had to have both the motherboard and the ssd replaced just to see the apple logo upon boot. Before they replaced that you could hear only the start up sound but the screen remained black. Crazy shit.

  32. Edward J says

    January 11, 2015 at 7:42 am

    Hey Paul, how could you say nobody has ever done that? Are you God or something? It's dumb asses like you that are the reason white hats are so far behind black hats and governments
